IN THE CLAIMS 

1. (Currently amended) A method for use in an RFID system comprising at least one 
RFID device and at least one reader which communicates with the RFID device, the method 
comprising the steps of: 

associating a plurality of pseudonyms with the RFID device; and 

transmitting from the RFID device different ones of the pseudonyms in response 
to different reader queries of the RFID device; 

wherein an authorized verifier is able to determine that the different transmitted 
pseudonyms are associated with the same RFID device; 

wherein the verifier authenticates itself to the RFID device by releasing to the 
RFID device an authentication value /? ; unique to a given pseudonym a , transmitted by the RFID 
device; 

wherein the RFID device authenticates itself to the verifier by releasing to the 
verifier an authentication value y L unique to the given pseudonym a ,- transmitted by the RFID 
device ; and 

wherein one or more of the pseudonyms each comprise a portion of an identifier 
of the RFID device wherein at least one of the values au ft ; and y L is selected from a 
corresponding set of such values that is stored in the RFID device and updated using one-time 
pads transmitted by the verifier to the RFID device over multiple authentication sessions carried 
out between the verifier and the RFID device . 

2. (Original) The method of claim 1 wherein the transmitted pseudonyms are 
authenticated by the reader. 

3. (Original) The method of claim 1 wherein the transmitted pseudonyms are 
authenticated by a verifier other than the reader. 

4. (Original) The method of claim 1 wherein the RFID device is configured to 
authenticate itself to a verifier only after the verifier has authenticated itself to the RFID device. 

5. (Canceled) 
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6. (Canceled) 



7. (Original) The method of claim 1 wherein one or more of the pseudonyms each 
comprise an identifier of the RFID device. 

8. (Canceled) 

9. (Original) The method of claim 1 wherein the pseudonyms are stored in the RFID 
device as an ordered list of pseudonyms, the method further including the steps of designating a 
particular one of the pseudonyms as a current pseudonym and, in response to a given reader 
query, transmitting the current pseudonym, wherein over a plurality of reader queries the 
pseudonym designated as the current pseudonym periodically cycles through the list of 
pseudonyms. 

10. (Original) The method of claim 9 wherein after the current pseudonym is transmitted 
by the RFID device responsive to the given query, a different one of the plurality of stored 
pseudonyms is designated as the current pseudonym to be transmitted responsive to a subsequent 
query. 

1 1 . (Original) The method of claim 1 wherein one or more of the pseudonyms are 
generated on an as-needed basis within the RFID device. 

12. (Original) The method of claim 1 wherein one or more of the pseudonyms are 
generated externally to the RFID device. 

13. (Original) The method of claim 1 further including the step of limiting a rate at which 
the RFID device is permitted to transmit pseudonyms responsive to reader queries. 

14. (Original) The method of claim 1 further including the step of periodically altering 
one or more of the plurality of pseudonyms. 
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15. (Original) The method of claim 14 wherein the altering step is implemented 
responsive to receipt of refresh information in the RFID device from a verifier. 

16. (Original) The method of claim 15 wherein the refresh information comprises one or 
more refresh values transmitted from the verifier to the RFID device after mutual authentication 
of the RFID device and the verifier. 

17. (Previously presented) A method for use in an RFID system comprising at least one 
RFID device and at least one reader which communicates with the RFID device, the method 
comprising the steps of: 

associating a plurality of pseudonyms with the RFID device; and 

transmitting from the RFID device different ones of the pseudonyms in response 
to different reader queries of the RFID device; 

wherein an authorized verifier is able to determine that the different transmitted 
pseudonyms are associated with the same RFID device; and 

wherein for a given value k utilized in the RFID device, a vector A K = 
{S ( K l) ,S ( K 2) ,...,8 ( K m) } of one-time pads is maintained in the RFID device, wherein the one-time 
pad 8 ( K V is designated as a live pad and is used by the RFID device to update the value k, where 
m denotes a number of authentication sessions over which one-time pads are constructed. 

18. (Original) The method of claim 17 wherein the value k is updated by computing 

19. (Original) The method of claim 17 wherein in conjunction with updating the value k, 
the vector A K is updated utilizing a vector A t = {8^ ,8^ 2) ,...,8 K {m) } of one-time pads, the vector 
A K being updated by discarding the previous live pad 8 K (l) , setting 8 ( K ° - 8 ( K ' +1) for 1 < i < n - 
1, setting 8 ( K m) -Q', and performing an element- wise exclusive-or of A K and A K by 
computing 8 ( K l) = 8 ( K ° © 8 K (l) , such that the updated vector A K comprises a set of m one-time pads 
with decreasing levels of backward secrecy. 
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20. (Original) The method of claim 1 wherein a verifier of the system is configured to 
store for a given RFID device T x a static identifier id x corresponding to at least one pseudonym of 
T x . 

21. (Previously presented) A method for use in an RFID system comprising at least one 
RFID device and at least one reader which communicates with the RFID device, the method 
comprising the steps of: 

associating a plurality of pseudonyms with the RFID device; and 

transmitting from the RFID device different ones of the pseudonyms in response 
to different reader queries of the RFID device; 

wherein an authorized verifier is able to determine that the different transmitted 
pseudonyms are associated with the same RFID device; 

wherein the verifier is configured to store for a given RFID device T x a static 
identifier id x corresponding to at least one pseudonym of T x ; and 

wherein the pseudonyms for T x are obtained by encrypting id x || z x under a 
symmetric key K a for the verifier, where z x comprises a pseudonym counter. 

22. (Original) The method of claim 21 wherein when the verifier receives a pseudonym 
from the RFID device, the verifier decrypts the pseudonym using K a to obtain the corresponding 
static identifier id x . 

23. (Original) The method of claim 1 wherein a verifier of the system in conjunction with 
an authentication session with the RFID device specifies a value identifying a particular 
pseudonym to be transmitted by the RFID device. 

24. (Original) The method of claim 1 wherein the RFID device determines which of the 
plurality of pseudonyms to transmit responsive to a given reader query based at least in part on 
timing information. 
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25. (Original) The method of claim 1 wherein the RFID device incorporates a 
pseudorandom number generator, where f K (i) represents an output of the pseudorandom 
number generator for index i, where k x is a seed associated with the RFID device. 

26. (Original) The method of claim 25 wherein the RFID device generates the plurality of 
pseudonyms as pseudonyms a\ =fl\), a 2 =J(2), au = /(£). 

27. (Currently amended) A method for use in an RFID system comprising at least one 
RFID device and at least one reader which communicates with the RFID device, the method 
comprising the steps of: 

associating a plurality of pseudonyms with the RFID device; and 

transmitting from the RFID device different ones of the pseudonyms in response 
to different reader queries of the RFID device; 

wherein an authorized verifier is able to determine that the different transmitted 
pseudonyms are associated with the same RFID device; 

wherein the RFID device incorporates a pseudorandom number generator, 
where f K (i) represents an output of the pseudorandom number generator for index i, where k x is 
a seed associated with the RFID device; [[and]] 

wherein the RFID device and the verifier attempt to maintain a common counter 
d x unique to the RFID device, and share the seed k x ; and 

wherein for a given counter value d, the RFID device computes a given one of 
the pseudonyms as a function of both a base value b and the given counter value d, and the 
verifier provides a subsequent instruction to the RFID device to increment the base value b . 

28. (Original) The method of claim 27 wherein in order to determine which RFID device 
is associated with a given incoming value a, the verifier performs a lookup in a list {/^ (d x )} of 
current a values for a plurality of RFID devices. 

29. (Currently amended) The method of claim 27 wherein for [[a]] the given counter 
value d, the RFID device computes the given pseudonym as a d = j{bk + d), where b denotes a 
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base value, and the verifier provides a subsequent instruction to the RFID device to increment 
the base value b k denotes a number of pseudonyms associated with the RFID device . 

30. (Currently amended) An apparatus for use in an RFID system, the apparatus 
comprising: 

an RFID device having a plurality of pseudonyms associated therewith and being 
operative to communicate with one or more readers of the system; 

the RFID device being further operative to transmit different ones of the 
pseudonyms in response to different reader queries of the RFID device; 

wherein an authorized verifier is able to determine that the different transmitted 
pseudonyms are associated with the same RFID device; 

wherein the verifier authenticates itself to the RFID device by releasing to the 
RFID device an authentication value di unique to a given pseudonym a ,- transmitted by the RFID 
device; 

wherein the RFID device authenticates itself to the verifier by releasing to the 
verifier an authentication value % unique to the given pseudonym a , : transmitted by the RFID 
device ; and 

wherein one or more of the pseudonyms each comprise a portion of an identifier 
of the RFID device wherein at least one of the values ot ; , /?; and y , is selected from a 
corresponding set of such values that is stored in the RFID device and updated using one-time 
pads transmitted by the verifier to the RFID device over multiple authentication sessions carried 
out between the verifier and the RFID device . 

3 1 . (Currently amended) An RFID system comprising: 

a plurality of RFID devices; and 

a plurality of readers which communicate with at least a subset of the RFID 

devices; 

wherein a plurality of pseudonyms are associated with a given one of the RFID 
devices, the given RFID device being configurable to transmit different ones of the pseudonyms 
in response to different reader queries of the given RFID device; 
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wherein an authorized verifier is able to determine that the different transmitted 
pseudonyms are associated with the same RFID device; 

wherein the verifier authenticates itself to the given RFID device by releasing to 
the given RFID device an authentication value 3 j unique to a given pseudonym a ,- transmitted by 
the given RFID device; 

wherein the given RFID device authenticates itself to the verifier by releasing to 
the verifier an authentication value y t unique to the given pseudonym a ,- transmitted by the 
given RFID device ; and 

wherein one or more of the pseudonyms each comprise a portion of an identifier 
of the given RFID device wherein at least one of the values a b Pi and y ,_ is selected from a 
corresponding set of such values that is stored in the given RFID device and updated using one- 
time pads transmitted by the verifier to the given RFID device over multiple authentication 
sessions carried out between the verifier and the given RFID device . 

32. (Currently amended) An apparatus for use in an RFID system, the apparatus 
comprising: 

a reader which communicates with one or more RFID devices; 

wherein a plurality of pseudonyms are associated with a given one of the RFID 
devices, the given RFID device transmitting different ones of the pseudonyms in response to 
different reader queries of the given RFID device; 

wherein an authorized verifier is able to determine that the different transmitted 
pseudonyms are associated with the same RFID device; 

wherein the verifier authenticates itself to the given RFID device by releasing to 
the given RFID device an authentication value /?; unique to a given pseudonym a ,- transmitted by 
the given RFID device; 

wherein the given RFID device authenticates itself to the verifier by releasing to 
the verifier an authentication value y L unique to the given pseudonym a ,- transmitted by the 
given RFID device ; and 

wherein one or more of the pseudonyms each comprise a portion of an identifier 
of the RFID device wherein at least one of the values au 0 ; and y L is selected from a 
corresponding set of such values that is stored in the given RFID device and updated using one- 



time pads transmitted by the verifier to the given RFID device over multiple authentication 
sessions carried out between the verifier and the given RFID device . 

33. (Currently amended) A method for use in a system comprising at least one device and 
at least one reader which communicates with the device, the method comprising the steps of: 

associating a plurality of pseudonyms with the device; and 

transmitting from the device different ones of the pseudonyms in response to 
different reader queries of the device; 

wherein the pseudonyms are determined utilizing an updateable set of one or 
more one-time pads maintained in the device; [[and]] 

wherein the device comprises an RFID device; 

wherein a verifier authenticates itself to the RFID device by releasing to the RFID 
device an authentication value /?,• unique to a given pseudonym a ,- transmitted by the RFID 
device; 

wherein the RFID device authenticates itself to the verifier by releasing to the 
verifier an authentication value y ,- unique to the given pseudonym a ,- transmitted by the RFID 
device; and 

one or more of the pseudonyms each comprise a portion of an identifier of the 
RFID device wherein at least one of the values a ,- , f5 { and y t is selected from a corresponding set 
of such values that is stored in the RFID device and updated using one-time pads transmitted by 
the verifier to the RFID device over multiple authentication sessions carried out between the 
verifier and the RFID device . 

34. (New) The method of claim 1 wherein one or more of the pseudonyms each comprise 
a portion of an identifier of the RFID device. 
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